Digital Rights Management (DRM) is a system for protecting the copyrights of digital content that is distributed on-line. It may also include the accounting for paying royalties to the authors of the material. In the music world, a DRM system provides a container format that includes metadata, such as track titles, and a set of business rules that enforce copyright compliance which software and hardware players must support in order to play back the material.
In today's commercial systems, digital music to be distributed is encrypted and stored on download servers. When a user desires to download a particular music file, the download server generates encryption keys for each transfer. The download server sends the digitized encrypted music file and the encrypted key specific for that transaction to the user. The user can then decrypt the encrypted music file for use. Business rules associated with the downloaded music file determine the extent to which the music file is played, copied, or further distributed. In this manner, unauthorized copying or sharing of the music file is restricted. Unfortunately, this client-server distribution model requires that all digital content to be distributed reside on the server.
With the proliferation of the Internet, distributed databases and peer-to-peer networks continue to grow. Such growth has led to widespread file sharing where the data to be transferred resides on distributed client computers. These distributed client computers can be part of a client-server or peer-to-peer environment. Distributed file sharing eliminates the need for desired content to be centrally located, as in the client-server distribution model described above. In most distributed file sharing environments, an application server is utilized to provide a centralized listing of available content. However, as opposed to the central location model, only the list of contents is centrally located on the server, not the content itself. In the distributed environment, a user can search the application server for desired content by searching the content list. The server provides the user with the specific address of another user that has the desired content. The two users then establish a client-to-client connection and transfer the file containing the desired content. A conventional distributed file sharing environment is illustrated in FIG. 1. A client computer 10 and a client computer 20 are coupled to a server 30. The client computers 10 and 20 typically include files containing digital content to be shared. The server 30 includes a list of files to be shared that reside on the client computer 10 and the client computer 20. For simplicity, only two client computers are illustrated in FIG. 1. It should be clear that typical distributed file sharing environments are composed of many more than two client computers. A user of client computer 20 searches the list of contents provided by the server 30 for a desired file. Once the user finds the desired file, the server 30 can provide the location of the desired file, which in this case is client computer 10. The server 30 notifies the client computer 10 to send the desired file to client computer 20, and the server 30 notifies the client computer 20 that the desired file is going to be sent by the client computer 10. The client computer 20 then establishes a connection with the client computer 10, such as a peer-to-peer connection, and the client computer 10 then sends the desired file to client computer 20 over the client-to-client connection. The desired file is now stored on both the client computer 10 and the client computer 20. This method of distributed file sharing does not provide a manner in which file sharing can be regulated. What is needed is a way to restrict file sharing from one peer to another peer. What is also needed is a way to apply a secure file sharing method similar to the central location distribution model within a distributed file sharing environment.